Skip to navigation

Security Advisory Important: glibc security update

Advisory: RHSA-2010:0787-1
Type: Security Advisory
Severity: Important
Issued on: 2010-10-20
Last updated on: 2010-10-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2010-3847

Details

Updated glibc packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The glibc packages contain the standard C libraries used by multiple
programs on the system. These packages contain the standard C and the
standard math libraries. Without these two libraries, a Linux system cannot
function properly.

It was discovered that the glibc dynamic linker/loader did not handle the
$ORIGIN dynamic string token set in the LD_AUDIT environment variable
securely. A local attacker with write access to a file system containing
setuid or setgid binaries could use this flaw to escalate their privileges.
(CVE-2010-3847)

Red Hat would like to thank Tavis Ormandy for reporting this issue.

All users should upgrade to these updated packages, which contain a
backported patch to correct this issue.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
glibc-2.5-49.el5_5.6.src.rpm
File outdated by:  RHSA-2013:1411
    MD5: d03596fd61b01620c1d0473b6932cfb8
SHA-256: 038421775e58e41426143acb473c4edc87a3be86bc42c1cd9cb8f0d2d215703d
 
IA-32:
glibc-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 39727acfc4753843e03d87b15e7dfedc
SHA-256: 045adde3b2163864d90c0a788f6445d9f693dc79fe7d9ca23790943533cd961f
glibc-2.5-49.el5_5.6.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 001f8573b3bf84bb0002a9bb062a9482
SHA-256: acd36146faeb926eb4526e43cea45a6651ff575c60f22ea3a50db367bc2c7b86
glibc-common-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4e68e1cea40e4a6ef324488007d8d3c7
SHA-256: 6f62d3bae2c48defde1681a5f787ee47f2932a7ad217c95ff16a8518b1ae208e
glibc-devel-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 794df918ae368114e830b50dbfb18ff1
SHA-256: 90b4f0fc89a30b2189f7a6e52d1e7e64f7ea2a9cdea1037308dc4dcd8a37415f
glibc-headers-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: d5c114140b888726d411e47d2e2ac862
SHA-256: dc2999d463937943b819fc8d7aba108a8c1d1f6cd9b4b368bc3aa41e6b477992
glibc-utils-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2b5483e8e1b4bb4be9b5c7bc5780037f
SHA-256: a95d45717923b6c2a96096f8ebfe6801f7b5a1666ee599a9c638782943fbe407
nscd-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 005e6007550247271716f911ca29936d
SHA-256: 327764e7aad1d2c244c76f8590cf07357cc11461804afe81361b7e330f2f37ae
 
IA-64:
glibc-2.5-49.el5_5.6.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 001f8573b3bf84bb0002a9bb062a9482
SHA-256: acd36146faeb926eb4526e43cea45a6651ff575c60f22ea3a50db367bc2c7b86
glibc-2.5-49.el5_5.6.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 6b2ce5622fe43625209361d87c221cb2
SHA-256: ed92289a5613d1bb9693ac05a3a9a46c8699407585d75e31115d90a876392aae
glibc-common-2.5-49.el5_5.6.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: ad0b0a6c2e55505935a13b98980e2cf2
SHA-256: 889ead8702b88c1c5cbd42fc1d40857cda8555f84cd6b030655782ba8afb992d
glibc-devel-2.5-49.el5_5.6.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4b448ad34aa89d0e56d0c8955350ae65
SHA-256: 6fb75e0cdf66d4f32e70e539de211f59a8037fc2f118bc48fe4c619c15d27994
glibc-headers-2.5-49.el5_5.6.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4815763be76eb5efeed4a634b5fda2d5
SHA-256: b102c8edf03a6a10786a1bdfb1a9b01ba09ad11d523f7d69a2931488a5cdc741
glibc-utils-2.5-49.el5_5.6.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: fcba0bb48a2b0ac6ca5844dddb8f5860
SHA-256: 1da4d10ae0d350ae9873653e2115fd59a40eea9b83f9a121765b591b4113eaab
nscd-2.5-49.el5_5.6.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 06c659d7f67d3a4612af47bc2a8dd81d
SHA-256: 2c58f05f7cf260c521b9dd89cb0e00347ff89376f384fb4cf85305882274f2fc
 
PPC:
glibc-2.5-49.el5_5.6.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: fa5a2a9e049c63a6dc04e7ef3388c16f
SHA-256: e5a769c224e1b791e383f0a6a1e22b2c5af0004ef48a9bf2899b035fc831842b
glibc-2.5-49.el5_5.6.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: cb48fcc28f188cdd3b2c11284daa58d1
SHA-256: 2748b7dd3b6bf4a0ff49d8aa587979d897b74682c2091294ddee2f0cb94f66c5
glibc-common-2.5-49.el5_5.6.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 8a948f822a021bd5fd9698c7d70b1508
SHA-256: 6a1bfea3fa8160ec3177b566e70f4a02b047ed0973e96151c6d71378766ba279
glibc-devel-2.5-49.el5_5.6.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 514e43f1710fcf3e79c244ea1628756f
SHA-256: 18492ca0f361a6ad8eca358d117dc6d810745a10976337daf1ade5b1bdec584f
glibc-devel-2.5-49.el5_5.6.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: c0aeaddd958af492f5830fa559086e82
SHA-256: 05889804538ff36eab6d7f022387b10972b6173404e373d22d34980c4f8c5b2d
glibc-headers-2.5-49.el5_5.6.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 6c678f54e2221df6b9b6ec94a0653f42
SHA-256: eafb48d824281cba5f5a9a8ec03bd8806102335042abadfe342bc9ef8349b0a3
glibc-utils-2.5-49.el5_5.6.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: ea49c9e338b02448610ae0fecef1f775
SHA-256: 6a18d07c04f5dac17c87c8a44f2cbc91f0042d886cddfb36078efe17f61f33ac
nscd-2.5-49.el5_5.6.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 32aed5651b20cb3dfccb616ef7b4510c
SHA-256: e8a7cd45905b25d585a403b619b309df767d45abbb6569a6acf6e294e0eb14cc
 
s390x:
glibc-2.5-49.el5_5.6.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: a6420ef23d0085b6bd4c6c575c03d923
SHA-256: 4dbc4c208540dd23d182a5165aba7cc5ea6f24a753881c933e6581896f371ea0
glibc-2.5-49.el5_5.6.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 0d8e41f28b88f169ce33f7489bdaadc5
SHA-256: 0f1479d3c7c5af81f45d414adc0fa5ca2900270a35eef5d877abdc42dbac9de2
glibc-common-2.5-49.el5_5.6.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 487d5223c88818a38ef8112bc017ca9d
SHA-256: 7a1d1a107b6309957c466574a7c6620789b4f1b9e1eb5210aeb21bdaaff43c7a
glibc-devel-2.5-49.el5_5.6.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: cdf8f35d642fe3b91b6b2964320dd5eb
SHA-256: 0a3f7d31b7be2efaef651d195d3310580c3a9d4beecacf1dda5a25cbdff201e7
glibc-devel-2.5-49.el5_5.6.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 1f9e1d20223a783fc4ef8d4dfb6efc48
SHA-256: cc878ccb4f846773e6beebc31db505166dfb981bbbfbf2abedbae3a205cb04ee
glibc-headers-2.5-49.el5_5.6.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: b2a6f026f12dfa53a0361da96aab282a
SHA-256: d0c3d0ecdb37f677b3bd3d0b12ec10057e832a3e31c2f95e3735d9c1c42bcc6f
glibc-utils-2.5-49.el5_5.6.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2b495fb4fb0ee20efe0eff818c6925a5
SHA-256: b8f6fdb8fb30e533e977973dd6b22c79097a1104e88dc9568ade44e77daecb15
nscd-2.5-49.el5_5.6.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 20a97dec071ca2b59cfe9258e4968322
SHA-256: 22d5092346f7d98fdbbf76ea88bd1c604674e4112d830a331566b757514db54b
 
x86_64:
glibc-2.5-49.el5_5.6.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 001f8573b3bf84bb0002a9bb062a9482
SHA-256: acd36146faeb926eb4526e43cea45a6651ff575c60f22ea3a50db367bc2c7b86
glibc-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 504859e0c924920d0d90a04d11bfd3dd
SHA-256: eb88d2dce4a6955b73082cf89592f2fd7ff037bc5fac9191cb113ff09ea5eb9c
glibc-common-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 67ab3f92731948cbfe051fef5732eb04
SHA-256: 67f92fb2f7ac80bcdea15643dc757eb28a4465b3c4a08e427ec3e5456c0114b3
glibc-devel-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 794df918ae368114e830b50dbfb18ff1
SHA-256: 90b4f0fc89a30b2189f7a6e52d1e7e64f7ea2a9cdea1037308dc4dcd8a37415f
glibc-devel-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4574cac3577c18dd249c8ff6f6c2e7c9
SHA-256: d10f49d9f83bfd0304145b4919622c0fa69b2d5edd9caa3f7848baea4e0897d4
glibc-headers-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 88f8c8b4c5c28287796f6bb217bdae11
SHA-256: 2f980bcd6e1d3f599fd571dfe55b662b19d4dbfceffbcf86811db02e7ec85463
glibc-utils-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 1c6b4d5186e414b7737ee778e4e6d294
SHA-256: db620e4fea80b1d69006b840b33c16dbf9fcac6da7914624cee0afc3d30c5f5e
nscd-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: d4ac368368db8b48ab5025f97bd095d6
SHA-256: 43d93487b63c7fb7e53b88ba316e96990102c581dd881834ff8ee354cbb30637
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
glibc-2.5-49.el5_5.6.src.rpm
File outdated by:  RHSA-2013:1411
    MD5: d03596fd61b01620c1d0473b6932cfb8
SHA-256: 038421775e58e41426143acb473c4edc87a3be86bc42c1cd9cb8f0d2d215703d
 
IA-32:
glibc-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 39727acfc4753843e03d87b15e7dfedc
SHA-256: 045adde3b2163864d90c0a788f6445d9f693dc79fe7d9ca23790943533cd961f
glibc-2.5-49.el5_5.6.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 001f8573b3bf84bb0002a9bb062a9482
SHA-256: acd36146faeb926eb4526e43cea45a6651ff575c60f22ea3a50db367bc2c7b86
glibc-common-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4e68e1cea40e4a6ef324488007d8d3c7
SHA-256: 6f62d3bae2c48defde1681a5f787ee47f2932a7ad217c95ff16a8518b1ae208e
glibc-devel-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 794df918ae368114e830b50dbfb18ff1
SHA-256: 90b4f0fc89a30b2189f7a6e52d1e7e64f7ea2a9cdea1037308dc4dcd8a37415f
glibc-headers-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: d5c114140b888726d411e47d2e2ac862
SHA-256: dc2999d463937943b819fc8d7aba108a8c1d1f6cd9b4b368bc3aa41e6b477992
glibc-utils-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2b5483e8e1b4bb4be9b5c7bc5780037f
SHA-256: a95d45717923b6c2a96096f8ebfe6801f7b5a1666ee599a9c638782943fbe407
nscd-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 005e6007550247271716f911ca29936d
SHA-256: 327764e7aad1d2c244c76f8590cf07357cc11461804afe81361b7e330f2f37ae
 
x86_64:
glibc-2.5-49.el5_5.6.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 001f8573b3bf84bb0002a9bb062a9482
SHA-256: acd36146faeb926eb4526e43cea45a6651ff575c60f22ea3a50db367bc2c7b86
glibc-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 504859e0c924920d0d90a04d11bfd3dd
SHA-256: eb88d2dce4a6955b73082cf89592f2fd7ff037bc5fac9191cb113ff09ea5eb9c
glibc-common-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 67ab3f92731948cbfe051fef5732eb04
SHA-256: 67f92fb2f7ac80bcdea15643dc757eb28a4465b3c4a08e427ec3e5456c0114b3
glibc-devel-2.5-49.el5_5.6.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 794df918ae368114e830b50dbfb18ff1
SHA-256: 90b4f0fc89a30b2189f7a6e52d1e7e64f7ea2a9cdea1037308dc4dcd8a37415f
glibc-devel-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4574cac3577c18dd249c8ff6f6c2e7c9
SHA-256: d10f49d9f83bfd0304145b4919622c0fa69b2d5edd9caa3f7848baea4e0897d4
glibc-headers-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 88f8c8b4c5c28287796f6bb217bdae11
SHA-256: 2f980bcd6e1d3f599fd571dfe55b662b19d4dbfceffbcf86811db02e7ec85463
glibc-utils-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 1c6b4d5186e414b7737ee778e4e6d294
SHA-256: db620e4fea80b1d69006b840b33c16dbf9fcac6da7914624cee0afc3d30c5f5e
nscd-2.5-49.el5_5.6.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: d4ac368368db8b48ab5025f97bd095d6
SHA-256: 43d93487b63c7fb7e53b88ba316e96990102c581dd881834ff8ee354cbb30637
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

643306 - CVE-2010-3847 glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/